Want to pull a report from Outlook emails filtered...

iqbalintouch · ‎05-24-2019

Hi,
I want to pull a report which reads a specific subject line from outlook emails and tells me that how many times I have received the same email and on which dates particularly.

i.e: if the email subject line says, "My Alert: ecom sale low volume Alert" , I need to pull a report for this alert and when this alert was received in last 1 year and how many times.
so the report should contain 3 columns, subject_line - received date - frequency/counts of this email

iqbalintouch · ‎05-27-2019

Hi DavidHourani,

Thank you for the response but this doesn't helped.

We don't have this index and sourcetype. What I am looking for a report from Microsoft outlook using their API and by running query in splunk.

Regards,
Iqbal

DavidHourani · ‎05-25-2019

Hi @iqbalintouch,

Your search here from what you're explaining seems quite straightforward :

index=office365 sourcetype=email | stats count, list(received_date) as received_dates, last(received_date) as last_seen by subject

Let me know if anything is missing and we can work on that.

Cheers,
David

DavidHourani · ‎05-27-2019

Hi @iqbalintouch,

If you're looking for a way to connect then you will need to use this app :

https://splunkbase.splunk.com/app/4055/
Documentation here :
https://docs.splunk.com/Documentation/AddOns/released/MSCloudServices/Configureinputs

Want to pull a report from Outlook emails filtered based on subject line by running query in splunk

Register to Attend BSides SPL 2022 - It's all Happening October 18!

What's New in Splunk Cloud Platform 9.0.2208?!

Admin Console: A Single, Unified Interface for All Your Cloud Admin Needs